Cybersecurity Manager Vision Commercial
Top focus
At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal.
Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at jnj.com .
As guided by Our Credo, Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson, we respect the diversity and dignity of our employees and recognize their merit.
All Job Posting Locations: Jacksonville, Florida, United States of America, Little Island, Cork, Ireland, Warsaw, Masovian, Poland Job Description: Cybersecurity Manager Vision Commercial Johnson & Johnson is currently seeking a Cybersecurity Manager to join the Information Security & Risk Management (ISRM) organization.
This position can be based in Dublin, Ireland; Warsaw, Poland or Jacksonville, FL, USA; This candidate will have a diverse background with strong business acumen, technology, and security expertise. He/she will be a strategic thinker who will partner closely with Technology and Business to lead with impact, drive security culture changes and stay updated with industry trends in cybersecurity.
The role is part of the Business Information Security (BIS) team in ISRM supporting the Vision business, with a focus on Commercial functions across sales, market access, digital marketing, e-commerce, and commercial operations within the Medical Technologies sector.
In this role the individual will be the cybersecurity partner supporting secure go-to-market processes and enterprise commercial technologies that enable customer engagement, digital commerce, and commercial execution. The role is responsible for protecting critical business assets, customer and patient data while enabling resilient digital commercial operations.
The individual will work across ISRM demonstrating authentic leadership, driving results, and showing dedication to our Credo
Responsibilities
- Provide early/proactive engagement with project teams to drive business understanding and execution of the security capabilities and services needed for innovative technology solutions
- End to end support for large programs.
- Provide tailored security guidance (based on risk and complexity) - interpret & apply the Asset Protection Policy (IAPP) requirements and standards for unique technology and business initiatives.
- Drive cybersecurity adoption across Vision Commercial teams and markets, including sales, market access, digital marketing, e-commerce
- commercial operations, to secure go-to-market processes, end-user technologies
- enterprise commercial platforms.
- Drive the strategy and adoption of cybersecurity best practices across commercial operations to protect patient, customer and business data across enterprise commercial platforms, digital engagement capabilities
- core commercial workflows.
- Lead the cyber operational portfolio from identification > consulting remediation plan > completion partnering across ISRM, business, and technology teams.
- Establish data analytics to provide security posture across the business units, functions, and sites.
- Assist the Cyber Defense Center (CDC) with security incident investigation activities; work closely with business teams to support affected users and provide liaison with central investigation team.
- Drive business understanding of critical cybersecurity, privacy
- data protection requirements relevant to enterprise commercial platforms, digital engagement capabilities
- commercial data flows, ensuring solutions are compliant (NIST, ISO27001, NIS2, HDS, PGSSI-S, SOX, etc).
- Support the global deployment of security initiatives with awareness sessions, identify alternative ways of working to avoid business disruptions and review exception requests.
- Drive and manage security gap assessments and remediation efforts for Vision Commercial capabilities, including support for new market, platform, or business integration activities
Qualifications
- Bachelor’s degree in cybersecurity, computer science, information technology, business administration, or another rigorous discipline is required.
- Masters strongly preferred. 5+ years of working in IT and/or Engineering with a security focus is required, including hands-on implementation level understanding of key security technologies and controls (e.g., access control, IDP/IDR, anti-malware, patch management, encryption technologies, forensics etc.) Comprehensive knowledge of security technology, tools and techniques utilized in enterprise IT and digital business environments, including identity, endpoint, network, cloud
- enterprise commercial platform security capabilities.
- Direct working and/or supporting experience for MedTech commercial functions, including support for sales, market access, digital marketing, e-commerce, commercial operations
- the enterprise commercial technologies that enable customer engagement and commercial execution, with preferred experience supporting Vision commercial teams.
- Experience in leading/performing security assessments and providing security assurance across various levels of the enterprise architecture (data, application, host, middleware, network, Infrastructure) to ensure data protection Solid understanding of current security threats, mitigation measures
- security vendors/technologies.
- Experience with cloud security (e.g., AWS, Azure) Experience with security standards (ISO27001, HiTrust, NIST, etc.) is required.
- Certifications in cybersecurity (CISM, CISSP, etc.), audit (CISA), or risk management (CRISC) are preferred.
- Awareness of security trends in process, tooling, and threats Good understanding and exposure to data visualization tools such as PowerBI, Tableau etc.
- Big picture perspective and attention to detail focus to align strategic and tactical security aspects.
- Ability to collaborate, network and influence all levels of the organization, cross sector, cross-function and global and establish oneself as an inspiring leader with expertise in space.
- Excellent communication and collaboration skills, able to network, interface and influence at all levels of the organization, cross sector, cross-functionally and globally.
- Strategic mindset to develop capability roadmaps that will enable proactive reliability through data & automation.
- Experience leading and influencing security audits (e.g., SOC Type 2 reporting, PCI, ISO 27001) is preferred.
- Fluency in English required.
- Proficiency in other languages is a plus.
- Required Skills: Preferred Skills: Business Process Design, Crisis Management, Critical Thinking, Developing Others, Inclusive Leadership, Information Security Auditing, Information Security Management System (ISMS), Information Technology (IT) Security Assessments, Information Technology Strategies, Leadership, People Performance Management, Presentation Design, Process Optimization, Resource Planning, Security Architecture Design, Security Policies, Tactical Planning, Vulnerability Management The anticipated pay range for this position, in the primary posting location, is: €70.100,00 - €121.210,00 The anticipated pay ranges for additional locations are: The anticipated base pay range for this position in POLAND is PLN 205.000 to PLN 354.200 The anticipated base pay range for this position in US is USD 102.000 to USD 177.100 Benefits: In addition to base pay, we offer the following benefits*: an annual bonus with set target (% of pay) depending on pay grade / location
- the actual amount is based on the employees’ and companies’ performance of the previous calendar year
- Moreover, we offer vacation days, parental leave for a minimum of 12 weeks, bereavement leave, caregiver leave, volunteer leave, well-being reimbursement, programs for financial, physical and mental health.
- We also offer service anniversary and recognition awards, and subject to the terms of their respective plans, employees - and in some location’s eligible dependents - can participate in several insurance plans.
- For more information, visit Employee benefits | Supporting well-being & career growth | Johnson & Johnson Careers. *This is for informative purposes only.
- Amounts and actual benefits may vary by location and are subject to change.